Chris Vincent

**Name of the Vulnerable Software and Affected Versions** Owl Intranet Engine versions 0.90 and earlier **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via unspecified vectors, potentially leading to the execution of malicious code on the victim's browser. **Recommendations** For Owl Intranet Engine versions 0.90 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Owl Intranet Engine versions 0.90 and earlier **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. **Recommendations** For versions 0.90 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.